Red Hot Cyber

Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.
Search

lockbit

LockBit: The Bluff of Double Extortion Against the Federal Reserve

RHC Dark Lab : 26 June 2024 09:25

In recent years, the cybersecurity landscape has been dominated by the growing threat posed by ransomware groups.

Among these, LockBit has emerged as one of the most notorious and feared. However, a recent event has called their credibility into question: the announcement of a supposed double extortion against the Federal Reserve, which turned out to be a bluff.

The Context: Who is LockBit?

LockBit is a cybercriminal group known for using ransomware as their main weapon. Active since 2019, this group specializes in targeted attacks against large companies and institutions. Their attack strategy is often based on the technique of “double extortion,” which involves not only encrypting data but also threatening to publish sensitive information if a ransom is not paid.

The Announcement of Double Extortion

Prova Gratuitamente Business Log! L'Adaptive SOC italiano

Proteggi la tua azienda e ottimizza il tuo lavoro grazie al SOC di Business Log, il software leader per audit, log management e cybersicurezza realizzato in Italia. Business Log garantisce:

  • Conformità a NIS2, GDPR e ISO 27001
  • Analisi avanzata e prevenzione del dossieraggio
  • Semplice da installare, potente da usare

  • Scarica ora la versione di prova gratuita per 30 giorni e scopri come Business Log può rivoluzionare la tua gestione dei log e la sicurezza IT!

    Promo Corso CTI

    Recently, LockBit claimed to have conducted a double extortion attack against the Federal Reserve, the central financial institution of the United States. This announcement immediately attracted the attention of the media and cybersecurity experts, given the importance and sensitivity of the target.

    The Truth Revealed

    Despite initial concerns, it was soon discovered that the announcement was a bluff. Investigations revealed that the onion links provided by LockBit did not lead to compromised data from the Federal Reserve but rather redirected to the website of the company GetEvolved, a completely unrelated entity.

    Previous Identification Errors

    This is not the first time LockBit has misidentified its victims. A famous case in Italy saw the ransomware group erroneously claim an attack against the Agenzia delle Entrate (Italian Revenue Agency). On that occasion too, the announcement turned out to be unfounded, demonstrating a certain superficiality in their operations and information verification.

    Conclusions

    The episode of LockBit’s bluff against the Federal Reserve, along with the previous misidentification error in Italy, highlights how the landscape of cyber threats is constantly evolving and how cybercriminals can use increasingly sophisticated and unpredictable tactics. It remains essential for organizations to maintain a high level of vigilance and adopt a robust cybersecurity strategy to protect their data and operations.

    RHC Dark Lab
    RHC Dark Lab is a group of experts from the Red Hot Cyber community dedicated to Cyber Threat Intelligence led by Pietro Melillo. Participating in the collective, Sandro Sana, Alessio Stefan, Raffaela Crisci, Vincenzo Di Lello, Edoardo Faccioli. Their mission is to spread knowledge about cyber threats to improve the country's awareness and digital defences, involving not only specialists in the field but also ordinary people. The aim is to disseminate Cyber Threat Intelligence concepts to anticipate threats.